Reference Guide
Security | 1051
• If 802.1X authorization is enabled but the VLAN information from the RADIUS server is not
valid, the port returns to the unauthorized state and remains in the configured access VLAN. This
prevents ports from appearing unexpectedly in an inappropriate VLAN due to a configuration
error. Configuration errors create an entry in Syslog.
• If 802.1X authorization is enabled and all information from the RADIUS server is valid, the port is
placed in the specified VLAN after authentication.
• If port security is enabled on an 802.1X port with VLAN assignment, the port is placed in the
RADIUS server assigned VLAN.
• If 802.1X is disabled on the port, it is returned to the configured access VLAN.
• When the port is in the force authorized, force unauthorized, or shutdown state, it is placed in the
configured access VLAN.
• If an 802.1X port is authenticated and put in the RADIUS server assigned VLAN, any change to
the port access VLAN configuration will not take effect.
• The 802.1X with VLAN assignment feature is not supported on trunk ports, dynamic ports, or
with dynamic-access port assignment through a VLAN membership.
dot1x authentication (Configuration)
c e s z
Enable dot1x globally; dot1x must be enabled both globally and at the interface level.
Syntax
dot1x authentication
To disable dot1x on an globally, use the no dot1x authentication command.
Defaults
Disabled
Command Modes
CONFIGURATION
Command History
Related
Commands
dot1x authentication (Interface)
c e s z
Enable dot1x on an interface; dot1x must be enabled both globally and at the interface level.
Syntax
dot1x authentication
To disable dot1x on an interface, use the no dot1x authentication command.
Defaults
Disabled
Command Modes
INTERFACE
Command History
Version 8.3.11.1 Introduced on Z9000
Version 7.6.1.0 Introduced on C-Series and S-Series
Version 7.4.1.0 Introduced on E-Series
dot1x authentication (Interface) Enable dot1x on an interface
Version 8.3.11.1 Introduced on Z9000